Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/5307193E7D0411EE9530F00CC4F9AE02.roa
File: 5307193E7D0411EE9530F00CC4F9AE02.roa (raw, json)
Hash identifier: 4TOAUeU5IYJiDuBNOUfKG5PaARW3gCzkxErDIsrOTHM=
Subject key identifier: 07:1C:10:4B:4F:E2:37:BD:E5:6A:A7:A4:A9:0B:BB:15:45:D3:E3:72
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 053E
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/5307193E7D0411EE9530F00CC4F9AE02.roa
Signing time: Tue 07 Nov 2023 00:26:43 +0000
ROA not before: Tue 07 Nov 2023 00:26:43 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 983
IP address blocks: 43.255.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 07:58:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1342 (0x53e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Nov 7 00:26:43 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65498442-1178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ae:bf:fd:fb:45:e4:53:02:b5:88:d2:28:2c:
26:dc:0c:1c:d8:06:33:8c:a2:c3:4c:ed:f2:1f:4d:
4e:8d:f0:f2:a3:20:51:e2:d9:fb:48:76:60:82:fd:
60:e3:a9:7d:f2:d3:c7:cd:84:68:93:b5:4f:a4:c6:
75:4a:05:1d:cb:2a:c7:c0:1e:70:4f:7c:4f:fe:35:
97:72:c4:ff:8b:ef:13:9b:bc:69:3e:5f:e2:51:25:
b2:45:65:fb:d8:62:4a:98:99:90:f8:1c:86:48:2f:
32:4e:c1:dd:65:77:4a:c8:71:0e:50:92:16:61:11:
c6:42:30:8b:f8:a4:8a:f5:ba:a0:2b:7f:54:cd:ce:
53:6a:84:2b:3b:33:ee:06:0b:26:e0:f9:53:51:2d:
7f:13:1a:fe:4d:36:f9:5c:51:7b:d1:94:e9:78:b3:
8f:24:36:7d:40:7f:70:7b:97:f7:10:83:00:72:82:
d6:d4:fe:21:6c:d1:08:47:39:b4:3b:74:6f:f0:68:
79:25:b5:c0:37:a0:73:92:98:4e:f0:bd:5b:69:b9:
84:03:10:a8:32:c6:1c:6f:ff:9d:41:49:14:f8:a1:
51:19:8f:59:d5:5e:a2:2a:bd:e3:d2:03:19:e4:da:
7d:dd:73:49:13:1a:45:5f:c3:f7:1b:7a:2f:22:a9:
5f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:1C:10:4B:4F:E2:37:BD:E5:6A:A7:A4:A9:0B:BB:15:45:D3:E3:72
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/5307193E7D0411EE9530F00CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.122.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:a3:e5:d1:f4:94:c5:b8:0c:31:79:81:5a:dd:6f:cb:75:c7:
ea:c0:c9:b4:42:f4:ac:f0:d0:4c:db:86:61:89:83:93:34:f9:
37:72:c2:97:15:3c:17:55:90:06:73:31:43:27:7a:40:d4:f0:
83:08:bc:ac:9c:66:e4:85:89:e1:ea:15:91:ea:60:d8:4d:90:
85:76:e7:3e:3d:60:ab:04:4d:ac:6b:d7:91:9a:6f:dd:38:81:
05:0b:85:16:51:45:31:80:6d:3f:c6:9f:42:f0:8c:7a:a3:24:
6b:a1:f2:06:64:fa:e4:e9:3b:9d:d2:4f:81:ab:24:2b:55:ae:
69:b4:70:bc:98:47:ab:a2:ac:95:de:8d:5e:a1:66:3b:1f:fe:
95:45:d9:1e:1d:6c:d4:01:cc:cc:be:a2:54:63:7b:4d:b5:3c:
50:29:87:af:3e:5c:95:4b:7c:c3:96:41:21:77:5a:55:73:d3:
68:e5:7a:5a:02:0e:db:c9:b3:fa:76:88:67:48:ff:31:91:2c:
21:19:cf:f4:89:11:60:db:00:60:6f:c4:83:76:f7:60:96:5c:
b5:9d:00:30:13:62:96:77:9a:60:b0:06:a0:86:7f:a8:0e:19:
92:71:62:5a:37:fb:e8:58:ee:15:b9:b8:a0:d7:74:88:6e:75:
11:43:a7:c9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMTA3MDAyNjQzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ5ODQ0Mi0xMTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA666//ftF5FMCtYjSKCwm3Awc2AYzjKLDTO3yH01OjfDyoyBR4tn7SHZggv1g
46l98tPHzYRok7VPpMZ1SgUdyyrHwB5wT3xP/jWXcsT/i+8Tm7xpPl/iUSWyRWX7
2GJKmJmQ+ByGSC8yTsHdZXdKyHEOUJIWYRHGQjCL+KSK9bqgK39Uzc5TaoQrOzPu
Bgsm4PlTUS1/Exr+TTb5XFF70ZTpeLOPJDZ9QH9we5f3EIMAcoLW1P4hbNEIRzm0
O3Rv8Gh5JbXAN6BzkphO8L1babmEAxCoMsYcb/+dQUkU+KFRGY9Z1V6iKr3j0gMZ
5Np93XNJExpFX8P3G3ovIqlfzQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAccEEtP
4je95WqnpKkLuxVF0+NyMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNTMwNzE5M0U3
RDA0MTFFRTk1MzBGMDBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/3owDQYJKoZIhvcNAQELBQADggEBAMaj5dH0lMW4DDF5
gVrdb8t1x+rAybRC9Kzw0EzbhmGJg5M0+TdywpcVPBdVkAZzMUMnekDU8IMIvKyc
ZuSFieHqFZHqYNhNkIV25z49YKsETaxr15Gab904gQULhRZRRTGAbT/Gn0LwjHqj
JGuh8gZk+uTpO53ST4GrJCtVrmm0cLyYR6uirJXejV6hZjsf/pVF2R4dbNQBzMy+
olRje021PFAph68+XJVLfMOWQSF3WlVz02jleloCDtvJs/p2iGdI/zGRLCEZz/SJ
EWDbAGBvxIN292CWXLWdADATYpZ3mmCwBqCGf6gOGZJxYlo3++hY7hW5uKDXdIhu
dRFDp8k=
-----END CERTIFICATE-----
Generated at Thu Jan 11 12:13:18 2024 by rpki-client on console-fra.rpki-client.org